PHP website Common Security Vulnerabilities and preventive measures summary

Source: Internet
Author: User

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

At present, based on PHP web site development has become the mainstream of the current site development, the author focuses on the PHP site from the attack and security aspects of the inquiry, aimed at reducing the vulnerability of the site, I hope to help!

Common PHP Web site security vulnerabilities

For PHP vulnerabilities, there are currently five common vulnerabilities. They are session file vulnerabilities, SQL injection vulnerabilities, script command execution vulnerabilities, global variable vulnerabilities, and file vulnerabilities. These vulnerabilities are briefly described here.

1. session File Vulnerability

Session attack is one of the most common methods used by hackers. When a user visits a Web site, in order to exempt customers from each person to a page to lose the account and password, PHP set up a session and cookies used to facilitate the user's use and visit.

2. SQL Injection Vulnerability

In the development of the website, the programmer because of the lack of comprehensive judgment of the user's data or poor filtering causes the server to execute some malicious information, such as user information inquiries. The hacker can obtain the corresponding information according to the result returned by the malicious program. This is the SQL injection hole in the monthly stomach.

3. Script execution vulnerability

A common reason for script execution vulnerabilities is that the URL parameters that the programmer submits to the user during the development of the Web site are less likely to be caused by user-submitted URLs that may contain malicious code that can cause Cross-site scripting attacks. Script execution vulnerabilities often exist in previous PHP sites, but as the PHP version is upgraded, these problems have been reduced or non-existent.

4. Global variable Vulnerability

PHP variables in the use of the time is not like other development languages need to be stated in advance, PHP variables can be directly used without declaration, the system automatically created when used, and do not need to describe the variable type, the system will automatically determine the variable type according to the context environment. This approach can greatly reduce the programmer's programming error probability, it is very convenient to use.

5. File Vulnerabilities

File vulnerabilities are usually due to the lack of adequate filtering of the external data provided by web developers in the design of the Web site, causing the hacker to exploit the vulnerabilities to execute the corresponding commands on the Web process. If you include such a piece of code in lsm.php: include ($b. " /aaa.php ".), which for hackers, can be a variable bits to achieve remote attacks, can be the hacker's own code, used to achieve attacks on the site. You can submit a.php include=http://lz7.0.0 to the server. 1/b.php, and then execute b.php instructions.

Ii. Common Vulnerabilities in PHP precautions

1. The prevention of the session loophole

From the previous analysis, you can know that the session attack is the most common conversation hijacking, that is, hackers through a variety of attacks to obtain the user's sessions ID, and then use the identity of the attack users to log on to the corresponding web site. To this end, there are several ways to guard against: one is to replace the session ID periodically, the replacement session ID can be implemented with PHP function; the second is to change the session name, usually the default name of the session is PHPSESSID, This variable is usually stored in a cookie, if changed its name, you can block the hacker part of the attack, the third is the transparent session ID closed processing, the so-called transparency is also refers to the HTTP request does not use cookies to develop session ID, The Sessioin ID is passed using a link. Closing the transparent session ID can be done by manipulating the php.ini file, and four by passing the hidden parameters through the URL, which ensures that even if the hacker gets the session data, the related parameters are hidden. It is also difficult to get the session ID variable value.

2. Prevention of SQL Injection Vulnerability

Hackers do a lot of SQL injection, but also flexible, but the common denominator of SQL injection is the use of input filtering vulnerabilities. Therefore, to fundamentally prevent SQL injection, the fundamental solution is to strengthen the filtering of request commands, especially query request commands. Specifically, include the following: first, the filter statements are parameterized processing, that is, through parameterized statements to implement user information input rather than directly embed user input into the statement. Second, in the development of the site as much as possible use of interpretative procedures, hackers often through this means to carry out illegal orders; third, in the development of the Web site to avoid bugs when possible, or hackers may use this information to attack the site; just by defending SQL injection is not enough, It is also common to use professional vulnerability scanning tools to scan your site for vulnerabilities.

3, the script execution vulnerability prevention

There are many ways for hackers to exploit scripts to execute vulnerabilities, and they are flexible, so it is necessary to use a combination of various methods to prevent hackers from attacking script execution vulnerabilities effectively. There are four kinds of methods commonly used here. One is to pre-set the path of the executable file. It can be realized by Safe_moade_exec_dir, and the other is to deal with the command parameter, which is usually realized by Escapeshellarg function, and the third is to replace the external command with the function library with the system; Four is in the operation time to be possible to reduce the use of external commands.

4, the global Variable Vulnerability prevention

For PHP global variable Vulnerability problem, the previous version of PHP has such a problem, but with the PHP version upgrade to 5.5 after the php.ini can be implemented by the settings, set Ruquest_order for GPC. Additionally, in the php.ini configuration file, you can set a Boolean value of Magic_quotes_runtime to hyphen backslashes in the overflow character of the externally-inductive data. To ensure that the Web site program runs in any setting state of the server. You can use the Get_magic_quotes_runtime detection settings at the beginning of the program to determine whether you want to manually process it, or turn it off with Set_magic_quotes_runtime (0) when you start (or do not need to escape automatically).

5. Prevention of file vulnerabilities

For PHP file leakage can be set up and configured to the server to achieve prevention purposes. Here the specific operation is as follows: First, the PHP code in the error prompted to close, so as to avoid hackers through the error prompted to get the database information and Web file physical path; the second is to Open_basedir, that is, the directory outside the operation of the file to prohibit processing; This can protect local files or remote files to prevent them from being attacked, and here you should also take precautions against the attack of session files and uploaded files; the third is to set the Safe-made to an open state, which will regulate the commands to be executed, by prohibiting file uploads, Can effectively improve the safety factor of PHP website.

Statement: This article by Zhengzhou Wholesale market: http://www.shun-e.com/market/original submission, respect for the achievements of others, reproduced please specify the source!

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.